Quick Start: DevSecOps for IaC¶
🚀 5-Minute Quick Start¶
For Beginners¶
Step 1: Install ThothCTL¶
Step 2: Create Your First Project¶
# Initialize a new Terraform project
thothctl init project --name my-first-infra --template terraform-aws
cd my-first-infra
Step 3: Check Your Environment¶
Step 4: Run Security Scan¶
Step 5: View Results¶
🎉 Congratulations! You've completed your first DevSecOps workflow!
🎯 Common Use Cases¶
Use Case 1: Security Audit¶
# Run all security scanners
thothctl scan iac --tool checkov
thothctl scan iac --tool trivy
# View consolidated results
thothctl dashboard launch
Use Case 2: Cost Estimation¶
# Create Terraform plan
terraform plan -out=tfplan.binary
terraform show -json tfplan.binary > tfplan.json
# Analyze costs
thothctl check iac --type cost-analysis --plan-file tfplan.json
Use Case 3: Change Impact Analysis¶
Use Case 4: Dependency Management¶
📚 Learning Path¶
Level 1: Beginner (Week 1)¶
- Install ThothCTL
- Initialize first project
- Run basic security scan
- Generate documentation
Level 2: Intermediate (Week 2-3)¶
- Set up CI/CD integration
- Use all security scanners
- Perform cost analysis
- Create infrastructure inventory
Level 3: Advanced (Week 4+)¶
- Implement blast radius assessment
- Set up compliance policies
- Automate full DevSecOps pipeline
- Customize templates and workflows